Network Working Group G. Zorn Request for Comments: 2867 Cisco Systems, Inc. Category: Informational B. Aboba Updates: 2866 Microsoft Corporation D. Mitton Nortel Networks June 2000
Network Working Group G. Zorn Request for Comments: 2867 Cisco Systems, Inc. Category: Informational B. Aboba Updates: 2866 Microsoft Corporation D. Mitton Nortel Networks June 2000
RADIUS Accounting Modifications for Tunnel Protocol Support
用于隧道协议支持的RADIUS记帐修改
Status of this Memo
本备忘录的状况
This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.
本备忘录为互联网社区提供信息。它没有规定任何类型的互联网标准。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (2000). All Rights Reserved.
版权所有(C)互联网协会(2000年)。版权所有。
Abstract
摘要
This document defines new RADIUS accounting Attributes and new values for the existing Acct-Status-Type Attribute [1] designed to support the provision of compulsory tunneling in dial-up networks.
本文档定义了新的RADIUS记帐属性和现有Acct Status Type属性[1]的新值,旨在支持在拨号网络中提供强制隧道。
Specification of Requirements
需求说明
In this document, the key words "MAY", "MUST, "MUST NOT", "optional", "recommended", "SHOULD", and "SHOULD NOT", are to be interpreted as described in [2].
在本文件中,关键词“可能”、“必须”、“不得”、“可选”、“建议”、“应该”和“不应该”的解释如[2]所述。
Many applications of tunneling protocols such as PPTP [5] and L2TP [4] involve dial-up network access. Some, such as the provision of secure access to corporate intranets via the Internet, are characterized by voluntary tunneling: the tunnel is created at the request of the user for a specific purpose. Other applications involve compulsory tunneling: the tunnel is created without any action from the user and without allowing the user any choice in the matter, as a service of the Internet service provider (ISP). Typically, ISPs providing a service want to collect data regarding that service for billing, network planning, etc. One way to collect usage data in dial-up networks is by means of RADIUS Accounting [1]. The use of RADIUS Accounting allows dial-up usage data to be collected at a central location, rather than stored on each NAS.
隧道协议的许多应用,如PPTP[5]和L2TP[4]涉及拨号网络访问。有些,例如通过互联网提供对公司内部网的安全访问,其特点是自愿隧道:隧道是应用户的请求为特定目的而创建的。其他应用程序涉及强制隧道:创建隧道时,用户无需采取任何行动,也不允许用户在该问题上做出任何选择,作为互联网服务提供商(ISP)的一项服务。通常,提供服务的ISP希望收集有关该服务的数据,以进行计费、网络规划等。在拨号网络中收集使用数据的一种方法是通过RADIUS记帐[1]。RADIUS记帐的使用允许在中心位置收集拨号使用情况数据,而不是存储在每个NAS上。
In order to collect usage data regarding tunneling, new RADIUS attributes are needed; this document defines these attributes. In addition, several new values for the Acct-Status-Type attribute are proposed. Specific recommendations for, and examples of, the application of this attribute for the L2TP protocol can be found in RFC 2809.
为了收集有关隧道的使用数据,需要新的半径属性;本文档定义了这些属性。此外,还为Acct Status Type属性提出了几个新值。关于L2TP协议应用此属性的具体建议和示例,请参见RFC 2809。
Compulsory tunneling may be part of a package of services provided by one entity to another. For example, a corporation might contract with an ISP to provide remote intranet access to its employees via compulsory tunneling. In this case, the integration of RADIUS and tunnel protocols allows the ISP and the corporation to synchronize their accounting activities so that each side receives a record of the user's resource consumption. This provides the corporation with the means to audit ISP bills.
强制隧道可能是一个实体向另一个实体提供的一揽子服务的一部分。例如,公司可能与ISP签订合同,通过强制隧道为其员工提供远程内部网访问。在这种情况下,RADIUS和隧道协议的集成允许ISP和公司同步其记帐活动,以便各方都能收到用户资源消耗的记录。这为公司提供了审核ISP账单的手段。
In auditing, the User-Name, Acct-Tunnel-Connection, Tunnel-Client-Endpoint and Tunnel-Server-Endpoint attributes are typically used to uniquely identify the call, allowing the Accounting-Request sent by the NAS to be reconciled with the corresponding Accounting-Request sent by the tunnel server.
在审核中,用户名、Acct Tunnel Connection、Tunnel Client Endpoint和Tunnel Server Endpoint属性通常用于唯一标识调用,从而允许NAS发送的记帐请求与Tunnel Server发送的相应记帐请求进行核对。
When implementing RADIUS accounting for L2TP/PPTP tunneling, the Call-Serial-Number SHOULD be used in the Acct-Tunnel-Connection attribute. In L2TP, the Call-Serial-Number is a 32-bit field and in PPTP it is a 16-bit field. In PPTP the combination of IP Address and Call-Serial-Number SHOULD be unique, but this is not required. In addition, no method for determining the Call-Serial-Number is specified, which leaves open the possibility of wrapping after a reboot.
在对L2TP/PPTP隧道实施RADIUS记帐时,应在“帐户隧道连接”属性中使用呼叫序列号。在L2TP中,呼叫序列号是32位字段,在PPTP中是16位字段。在PPTP中,IP地址和呼叫序列号的组合应该是唯一的,但这不是必需的。此外,没有指定确定呼叫序列号的方法,这使得重新启动后可以进行包装。
Note that a 16-bit Call-Serial-Number is not sufficient to distinguish a given call from all other calls over an extended time period. For example, if the Call-Serial-Number is assigned monotonically, the NAS in question has 96 ports which are continually busy and the average call is of 20 minutes duration, then a 16-bit Call-Serial-Number will wrap within 65536/(96 * 3 calls/hour * 24 hours/day) = 9.48 days.
请注意,16位呼叫序列号不足以在较长时间内区分给定呼叫和所有其他呼叫。例如,如果呼叫序列号是单调分配的,所述NAS有96个端口持续忙,且平均呼叫持续时间为20分钟,则16位呼叫序列号将在65536/(96*3次呼叫/小时*24小时/天)=9.48天内结束。
Value
价值
9
9
Description
描述
This value MAY be used to mark the establishment of a tunnel with another node. If this value is used, the following attributes SHOULD also be included in the Accounting-Request packet:
该值可用于标记与另一节点的隧道的建立。如果使用此值,则记帐请求数据包中还应包括以下属性:
User-Name (1) NAS-IP-Address (4) Acct-Delay-Time (41) Event-Timestamp (55) Tunnel-Type (64) Tunnel-Medium-Type (65) Tunnel-Client-Endpoint (66) Tunnel-Server-Endpoint (67) Acct-Tunnel-Connection (68)
用户名(1)NAS IP地址(4)帐户延迟时间(41)事件时间戳(55)隧道类型(64)隧道介质类型(65)隧道客户端终结点(66)隧道服务器终结点(67)帐户隧道连接(68)
Value
价值
10
10
Description
描述
This value MAY be used to mark the destruction of a tunnel to or from another node. If this value is used, the following attributes SHOULD also be included in the Accounting-Request packet:
此值可用于标记进出另一节点的隧道的破坏。如果使用此值,则记帐请求数据包中还应包括以下属性:
User-Name (1) NAS-IP-Address (4) Acct-Delay-Time (41) Acct-Input-Octets (42) Acct-Output-Octets (43) Acct-Session-Id (44) Acct-Session-Time (46) Acct-Input-Packets (47) Acct-Output-Packets (48) Acct-Terminate-Cause (49) Acct-Multi-Session-Id (51) Event-Timestamp (55) Tunnel-Type (64) Tunnel-Medium-Type (65) Tunnel-Client-Endpoint (66) Tunnel-Server-Endpoint (67) Acct-Tunnel-Connection (68) Acct-Tunnel-Packets-Lost (86)
用户名(1)NAS IP地址(4)帐户延迟时间(41)帐户输入八位字节(42)帐户输出八位字节(43)帐户会话Id(44)帐户会话时间(46)帐户输入数据包(47)帐户输出数据包(48)帐户终止原因(49)帐户多会话Id(51)事件时间戳(55)隧道类型(64)隧道介质类型(65)隧道客户端端点(66)隧道服务器终结点(67)帐户隧道连接(68)帐户隧道数据包丢失(86)
Value
价值
11
11
Description
描述
This value MAY be used to mark the rejection of the establishment of a tunnel with another node. If this value is used, the following attributes SHOULD also be included in the Accounting-Request packet:
该值可用于标记拒绝与另一节点建立隧道。如果使用此值,则记帐请求数据包中还应包括以下属性:
User-Name (1) NAS-IP-Address (4) Acct-Delay-Time (41) Acct-Terminate-Cause (49) Event-Timestamp (55) Tunnel-Type (64) Tunnel-Medium-Type (65) Tunnel-Client-Endpoint (66) Tunnel-Server-Endpoint (67) Acct-Tunnel-Connection (68)
用户名(1)NAS IP地址(4)帐户延迟时间(41)帐户终止原因(49)事件时间戳(55)隧道类型(64)隧道介质类型(65)隧道客户端终结点(66)隧道服务器终结点(67)帐户隧道连接(68)
Value
价值
12
12
Description
描述
This value MAY be used to mark the creation of a tunnel link. Only some tunnel types (e.g., L2TP) support multiple links per tunnel. This Attribute is intended to mark the creation of a link within a tunnel that carries multiple links. For example, if a mandatory tunnel were to carry M links over its lifetime, 2(M+1) RADIUS Accounting messages might be sent: one each marking the initiation and destruction of the tunnel itself and one each for the initiation and destruction of each link within the tunnel. If only a single link can be carried in a given tunnel (e.g., IPsec in the tunnel mode), this Attribute need not be included in accounting packets, since the presence of the Tunnel-Start Attribute will imply the initiation of the (only possible) link.
此值可用于标记隧道连接的创建。只有一些隧道类型(例如L2TP)支持每个隧道的多条链路。此属性用于标记在承载多个链接的隧道内创建的链接。例如,如果强制隧道在其生命周期内承载M个链路,则可能会发送2(M+1)个半径记帐消息:一个用于标记隧道本身的启动和破坏,另一个用于隧道内每个链路的启动和破坏。如果给定隧道中只能承载一条链路(例如,隧道模式下的IPsec),则该属性不需要包含在记帐数据包中,因为隧道开始属性的存在将意味着(唯一可能的)链路的启动。
If this value is used, the following attributes SHOULD also be included in the Accounting-Request packet:
如果使用此值,则记帐请求数据包中还应包括以下属性:
User-Name (1) NAS-IP-Address (4) NAS-Port (5) Acct-Delay-Time (41) Event-Timestamp (55) Tunnel-Type (64) Tunnel-Medium-Type (65) Tunnel-Client-Endpoint (66) Tunnel-Server-Endpoint (67) Acct-Tunnel-Connection (68)
用户名(1)NAS IP地址(4)NAS端口(5)帐户延迟时间(41)事件时间戳(55)隧道类型(64)隧道介质类型(65)隧道客户端端点(66)隧道服务器端点(67)帐户隧道连接(68)
Value
价值
13
13
Description
描述
This value MAY be used to mark the destruction of a tunnel link. Only some tunnel types (e.g., L2TP) support multiple links per tunnel. This Attribute is intended to mark the destruction of a link within a tunnel that carries multiple links. For example, if a mandatory tunnel were to carry M links over its lifetime, 2(M+1) RADIUS Accounting messages might be sent: one each marking the initiation and destruction of the tunnel itself and one each for the initiation and destruction of each link within the tunnel. If only a single link can be carried in a given tunnel (e.g., IPsec in the tunnel mode), this Attribute need not be included in accounting packets, since the presence of the Tunnel-Stop Attribute will imply the termination of the (only possible) link.
该值可用于标记隧道连接的破坏。只有一些隧道类型(例如L2TP)支持每个隧道的多条链路。此属性用于标记承载多个链路的隧道内链路的破坏。例如,如果强制隧道在其生命周期内承载M个链路,则可能会发送2(M+1)个半径记帐消息:一个用于标记隧道本身的启动和破坏,另一个用于隧道内每个链路的启动和破坏。如果给定隧道中只能承载一条链路(例如,隧道模式下的IPsec),则该属性不需要包含在记帐数据包中,因为隧道停止属性的存在将意味着(仅可能)链路的终止。
If this value is used, the following attributes SHOULD also be included in the Accounting-Request packet:
如果使用此值,则记帐请求数据包中还应包括以下属性:
User-Name (1) NAS-IP-Address (4) NAS-Port (5) Acct-Delay-Time (41) Acct-Input-Octets (42) Acct-Output-Octets (43) Acct-Session-Id (44) Acct-Session-Time (46) Acct-Input-Packets (47)
用户名(1)NAS IP地址(4)NAS端口(5)帐户延迟时间(41)帐户输入八位字节(42)帐户输出八位字节(43)帐户会话Id(44)帐户会话时间(46)帐户输入数据包(47)
Acct-Output-Packets (48) Acct-Terminate-Cause (49) Acct-Multi-Session-Id (51) Event-Timestamp (55) NAS-Port-Type (61) Tunnel-Type (64) Tunnel-Medium-Type (65) Tunnel-Client-Endpoint (66) Tunnel-Server-Endpoint (67) Acct-Tunnel-Connection (68) Acct-Tunnel-Packets-Lost (86)
Acct输出数据包(48)Acct终止原因(49)Acct多会话Id(51)事件时间戳(55)NAS端口类型(61)隧道类型(64)隧道介质类型(65)隧道客户端终结点(66)隧道服务器终结点(67)Acct隧道连接(68)Acct隧道数据包丢失(86)
Value
价值
14
14
Description
描述
This value MAY be used to mark the rejection of the establishment of a new link in an existing tunnel. Only some tunnel types (e.g., L2TP) support multiple links per tunnel. If only a single link can be carried in a given tunnel (e.g., IPsec in the tunnel mode), this Attribute need not be included in accounting packets, since in this case the Tunnel-Reject Attribute has the same meaning.
该值可用于标记拒绝在现有隧道中建立新连接。只有一些隧道类型(例如L2TP)支持每个隧道的多条链路。如果给定隧道中只能承载一条链路(例如,隧道模式下的IPsec),则该属性不需要包含在记帐数据包中,因为在这种情况下,隧道拒绝属性具有相同的含义。
If this value is used, the following attributes SHOULD also be included in the Accounting-Request packet:
如果使用此值,则记帐请求数据包中还应包括以下属性:
User-Name (1) NAS-IP-Address (4) Acct-Delay-Time (41) Acct-Terminate-Cause (49) Event-Timestamp (55) Tunnel-Type (64) Tunnel-Medium-Type (65) Tunnel-Client-Endpoint (66) Tunnel-Server-Endpoint (67) Acct-Tunnel-Connection (68)
用户名(1)NAS IP地址(4)帐户延迟时间(41)帐户终止原因(49)事件时间戳(55)隧道类型(64)隧道介质类型(65)隧道客户端终结点(66)隧道服务器终结点(67)帐户隧道连接(68)
Description
描述
This Attribute indicates the identifier assigned to the tunnel session. It SHOULD be included in Accounting-Request packets which contain an Acct-Status-Type attribute having the value Start, Stop or any of the values described above. This attribute, along with the Tunnel-Client-Endpoint and Tunnel-Server-Endpoint attributes [3], may be used to provide a means to uniquely identify a tunnel session for auditing purposes.
此属性表示分配给隧道会话的标识符。它应该包含在包含Acct Status Type属性的记帐请求数据包中,该属性的值为Start、Stop或上述任何值。此属性以及隧道客户端端点和隧道服务器端点属性[3]可用于提供唯一标识隧道会话的方法,以用于审计目的。
A summary of the Acct-Tunnel-Connection Attribute format is shown below. The fields are transmitted from left to right.
Acct隧道连接属性格式的摘要如下所示。字段从左向右传输。
0 1 2 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | String ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0 1 2 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | String ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
类型
68 for Acct-Tunnel-Connection
68用于Acct隧道连接
Length
长
>= 3
>= 3
String
一串
The format of the identifier represented by the String field depends upon the value of the Tunnel-Type attribute [3]. For example, to fully identify an L2TP tunnel connection, the L2TP Tunnel ID and Call ID might be encoded in this field. The exact encoding of this field is implementation dependent.
字符串字段表示的标识符的格式取决于隧道类型属性[3]的值。例如,为了完全识别L2TP隧道连接,L2TP隧道ID和呼叫ID可以在该字段中进行编码。此字段的确切编码取决于实现。
Description
描述
This Attribute indicates the number of packets lost on a given link. It SHOULD be included in Accounting-Request packets which contain an Acct-Status-Type attribute having the value Tunnel-Link-Stop.
此属性表示给定链路上丢失的数据包数。它应该包含在包含Acct Status Type属性的记帐请求数据包中,该属性具有值Tunnel Link Stop。
A summary of the Acct-Tunnel-Packets-Lost Attribute format is shown below. The fields are transmitted from left to right.
Acct隧道数据包丢失属性格式的摘要如下所示。字段从左向右传输。
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Lost +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Lost (cont) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Lost +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Lost (cont) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
类型
86 for Acct-Tunnel-Packets-Lost
86用于帐户隧道数据包丢失
Length
长
6
6.
Lost
迷路的
The Lost field is 4 octets in length and represents the number of packets lost on the link.
丢失字段的长度为4个八位字节,表示链路上丢失的数据包数。
The following table provides a guide to which attributes may be found in Accounting-Request packets. No tunnel attributes should be found in Accounting-Response packets.
下表提供了在记帐请求数据包中可以找到哪些属性的指南。在记帐响应数据包中不应找到任何隧道属性。
Request # Attribute 0-1 64 Tunnel-Type 0-1 65 Tunnel-Medium-Type 0-1 66 Tunnel-Client-Endpoint 0-1 67 Tunnel-Server-Endpoint 0-1 68 Acct-Tunnel-Connection 0 69 Tunnel-Password 0-1 81 Tunnel-Private-Group-ID 0-1 82 Tunnel-Assignment-ID 0 83 Tunnel-Preference 0-1 86 Acct-Tunnel-Packets-Lost
请求#属性0-1 64隧道类型0-1 65隧道媒体类型0-1 66隧道客户端终结点0-1 67隧道服务器终结点0-1 68帐户隧道连接0 69隧道密码0-1 81隧道专用组ID 0-1 82隧道分配ID 0 83隧道首选项0-1 86帐户隧道数据包丢失
The following table defines the meaning of the above table entries.
下表定义了上述表格条目的含义。
0 This attribute MUST NOT be present in packet. 0+ Zero or more instances of this attribute MAY be present in packet. 0-1 Zero or one instance of this attribute MAY be present in packet.
0此属性不能出现在数据包中。数据包中可能存在0+零个或多个此属性的实例。0-1数据包中可能存在该属性的零个或一个实例。
By "sniffing" RADIUS Accounting packets, it might be possible for an eavesdropper to perform a passive analysis of tunnel connections.
通过“嗅探”RADIUS计费数据包,窃听者可能对隧道连接执行被动分析。
[1] Rigney, C., "RADIUS Accounting", RFC 2866, June 2000.
[1] 里格尼,C.,“半径会计”,RFC 28662000年6月。
[2] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[2] Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[3] Zorn, G., Leifer, D., Rubens, A., Shriver, J., Holdrege, M. and I. Goyret, "RADIUS Attributes for Tunnel Protocol Support", RFC 2868, June 2000.
[3] Zorn,G.,Leifer,D.,Rubens,A.,Shriver,J.,Holdrege,M.和I.Goyret,“隧道协议支持的半径属性”,RFC 28682000年6月。
[4] Townsley, W., Valencia, A., Rubens, A., Pall, G., Zorn, G. and B. Palter, "Layer Two Tunneling Protocol "L2TP"", RFC 2661, August 1999.
[4] 汤斯利,W.,巴伦西亚,A.,鲁本斯,A.,帕尔,G.,佐恩,G.和B.帕尔特,“第二层隧道协议“L2TP”,RFC 26611999年8月。
[5] Hamzeh, K., Pall, G., Verthein, W., Taarud, J., Little, W. and G. Zorn, "Point-to-Point Tunneling Protocol (PPTP)", RFC 2637, July 1999.
[5] Hamzeh,K.,Pall,G.,Verthein,W.,Taarud,J.,Little,W.和G.Zorn,“点对点隧道协议(PPTP)”,RFC 2637,1999年7月。
Thanks to Aydin Edguer, Ly Loi, Matt Holdrege and Gurdeep Singh Pall for salient input and review.
感谢Aydin Edguer、Ly Loi、Matt Holdrege和Gurdeep Singh Pall提供的重要意见和评论。
Questions about this memo can be directed to:
有关本备忘录的问题,请联系:
Glen Zorn Cisco Systems, Inc. 500 108th Avenue N.E., Suite 500 Bellevue, Washington 98004 USA
格伦佐恩思科系统有限公司,地址:美国华盛顿州贝尔维尤第108大道500号500室,邮编:98004
Phone: +1 425 438 8218 FAX: +1 425 438 1848 EMail: gwz@cisco.com
Phone: +1 425 438 8218 FAX: +1 425 438 1848 EMail: gwz@cisco.com
Dave Mitton Nortel Networks 880 Technology Park Drive Billerica, MA 01821
Dave Mitton Nortel Networks 880科技园大道Billerica,马萨诸塞州01821
Phone: +1 978 288 4570 Fax: +1 978 288 3030 EMail: dmitton@nortelnetworks.com
Phone: +1 978 288 4570 Fax: +1 978 288 3030 EMail: dmitton@nortelnetworks.com
Bernard Aboba Microsoft Corporation One Microsoft Way Redmond, Washington 98052
伯纳德·阿博巴(Bernard Aboba)微软公司华盛顿州雷德蒙微软大道一号,邮编:98052
Phone: +1 425 936 6605 Fax: +1 425 936 7329 EMail: aboba@internaut.com
Phone: +1 425 936 6605 Fax: +1 425 936 7329 EMail: aboba@internaut.com
Copyright (C) The Internet Society (2000). All Rights Reserved.
版权所有(C)互联网协会(2000年)。版权所有。
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.
本文件及其译本可复制并提供给他人,对其进行评论或解释或协助其实施的衍生作品可全部或部分编制、复制、出版和分发,不受任何限制,前提是上述版权声明和本段包含在所有此类副本和衍生作品中。但是,不得以任何方式修改本文件本身,例如删除版权通知或对互联网协会或其他互联网组织的引用,除非出于制定互联网标准的需要,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。
The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.
上述授予的有限许可是永久性的,互联网协会或其继承人或受让人不会撤销。
This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件和其中包含的信息是按“原样”提供的,互联网协会和互联网工程任务组否认所有明示或暗示的保证,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Acknowledgement
确认
Funding for the RFC Editor function is currently provided by the Internet Society.
RFC编辑功能的资金目前由互联网协会提供。